What Russia's War in Ukraine Means for Your Digital Security

Besides the conventional "boots on the ground" approach, Russia's invasion of Ukraine also involves a cyber warfare element. So far, Russian cyberattacks have been limited to targets within Ukraine. They have also been much more timid than anticipated.

What do Russian cyberattacks mean for your digital security? Below are some insights from cybersecurity experts.

Focus on the Basics

The US-based SANS Institute, a renowned cyber and information security group, has recently streamed a webcast on Russian cyber capabilities and a possibility of cyberattack spillover beyond Ukraine.

While most of the discussion focused on the security of critical infrastructure, participants also highlighted some of the implications of Russian cyberattacks for Internet users in North America.

First, the destructive impact of cyberattacks on regular people is overblown. In other words, most of us have little to fear from Russian cyberattacks.

Second, the biggest cybersecurity threat to Internet users beyond Ukraine will come from malware and phishing attacks by pro-Russian hacktivists. You can protect yourself from such attacks by following basic digital hygiene rules:

• Know how to recognize (and not fall for) a phishing attack.

• Use strong and unique passwords, and beware of attempts to steal them from you.

• Keep your software up-to-date and only install software from official sources.

To find more highlights from the SANS Institute webcast, check this curated collection of my tweets from the event.

Prepare for What's Coming

Speaking to CTV News recently, Rafal Rohozinski, principal of the SecDev Group and senior fellow at the Centre for International Governance Innovation, said we should expect bolder and more frequent cyberattacks from Russia.

Rohozinski said Russia was disconnecting its networks from the global Internet. According to the expert, that may indicate that the country was preparing for a broad cyber assault against western nations.

Protect Information and Devices

In a recent Harvard Business Review article, Stuart Madnick recommends additional things that people can do to protect their computers and information on them. Here are suggested actions:

• Make sure the software you are using has all known vulnerabilities patched. This is simply another way of saying that you should keep software up-to-date.

• Use reliable antivirus and malware detection software. It is possible that your devices are already infected with malware. The best way to check for this is to keep your antivirus up-to-date.

• Back up important information often so you can restore it if your devices are damaged or destroyed as a result of a cyberattack.

We may not know what Russia will do next. But we do know what we can do as individuals to protect ourselves from cyberattacks. Make sure you are prepared for what may come next.